You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Loic A.LA

Loic A.

Information Security Management System Specialist

€700/day
Paris, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Loic

General engineer specialized in Information Security Management System (ISMS) with over 5 years of experience in highly regulated environments. I possess expertise in implementing and improving Information Security Management Systems (ISMS) compliant with the ISO 27000 series standards, as well as in cyber risk analysis and management using methodologies such as EBIOS Risk Manager.

My engineering background has enabled me to develop a systemic approach to organizations and digital systems, at the interface of technological, regulatory, and governance challenges, integrating the requirements of normative and regulatory frameworks such as ISO 27001/27005, NIS2, the Digital Operational Resilience Act (DORA), the Cyber Resilience Act (CRA), the General Data Protection Regulation (GDPR), and the European regulation on artificial intelligence (AI Act).

I have contributed to regulatory compliance projects, cybersecurity governance, and risk management, including the implementation of security controls, audit preparation, compliance management, and the integration of cybersecurity requirements into information systems and processes.

Accustomed to operating in complex and international environments, I am comfortable coordinating multidisciplinary teams, conducting risk analyses, and managing compliance initiatives, as well as using GRC platforms such as ServiceNow for tracking controls, risks, and remediation plans. I am proficient in writing technical and governance documentation in both English and French.
  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km)

Experience

  • MHC Healthcare
    Global Information Security Management System Specialist
    MEDICAL
    February 2022 - Today (4 years and 6 months)
    Paris, France
    ◖️Participation in the implementation and improvement of the Information Security Management System (ISMS) in accordance with ISO 27001 and ISO 27005, including the definition of security policies, standards, and procedures.

    ◖️Conduct of cyber risk analyses according to the EBIOS Risk Manager methodology, identification and mapping of critical assets, analysis of threats and vulnerabilities, and definition of risk treatment plans.

    ◖️Contribution to regulatory compliance programs with European frameworks NIS2, Digital Operational Resilience Act (DORA), Cyber Resilience Act (CRA), GDPR/GDPR, and AI Act (EU 2024/1689), including gap analyses and action plan monitoring.

    ◖️Implementation and monitoring of security controls within the GRC framework, using governance platforms such as ServiceNow GRC for tracking risks, controls, and corrective actions.

    ◖️Participation in the preparation and execution of internal and external audits related to information security, including the collection of compliance evidence and follow-up of non-conformities.

    ◖️Contribution to strengthening the security posture of information systems, including vulnerability management, security patch tracking, and identification of critical IT assets.

    ◖️Contribution to cybersecurity incident management processes and operational resilience initiatives, including the implementation and improvement of business continuity plans (BCP) and disaster recovery plans (DRP).

    ◖️Collaboration with IT, cybersecurity, compliance, and business teams in an international environment to integrate security and compliance requirements into information systems and processes.
    GDPR Compliance Cybersecurity EBIOS RM NIS2 ISMS
  • CARMAT
    Cybersecurity Process Leader [Artificial Heart]
    MEDICAL
    July 2021 - February 2022 (7 months)
    Paris, France
    ◖️Product Risk Management: Design FMEA, Process FMEA, Product Risk Management, specifications, verification, and validation.

    ◖️Cybersecurity: definition and implementation of a cybersecurity process for the entire lifecycle, aligned with IEC 81001-5-1 standards, Cyber Resilience Act, and FDA requirements.
    CE Marking & Regulatory Compliance (MDR 2017/745) Cyber Resilience Act IEC 81001-5-1 FMEA Product Risk Management (ISO 14971)
  • Pixee Medical
    Quality/Regulatory Affairs Engineer
    MEDICAL
    February 2021 - July 2021 (5 months)
    Lyon, France
    ◖️R&D Coordination for integration of cybersecurity requirements and preparation of a health software certification file
    Quality & Quality Management System (QMS) Medical Device Software & SDLC (IEC 62304) GDPR Compliance Cybersecurity Regulation

Recommendations

Be the first to recommend Loic

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Master 2
    Université des Montagnes Université des Montagnes Université de Technologie Compiègne
    Master 2

Certifications

Skill set

Categories